Infrastructure / Opinions

5 computer security facts that surprise most people

As a 30-year road warrior, I’ve learned some security truths that seem wrong, but must be accepted if you really want to understand the threats you face.

Written by Roger A. Grimes06 Dec. 17 00:30

How to convince the CFO of the budgetary security need

It had been custom for organizations to think of cyber security in terms of an information technology (IT) problem best left to IT people to address and fix. However, as more prolific breaches were publicized exposing a variety of sensitive personal, financial, and intellectual property-related data, it became clear that this was a rather myopic view in today’s increasingly interconnected world.

Written by Brian Contos10 Feb. 16 05:08

AT&T: The CIO security checklist

In the age of big data, bring-your-own-devices and internet-connected supply chains, cybercrime is big business; and cyber security has never been higher on the C-suite agenda. Here are three steps CIOs can take in this environment.

Written by Vanessa Lew26 Nov. 14 04:00

Everything you know about enterprise security is wrong

Whether you're talking about your network, your company's building or your home, a perimeter approach to security is no longer adequate. As McAfee discussed at the RSA Conference, you can't provide physical or electronic security simply by trying to prevent authorized access - you have to rethink all types to security to protect data and lives.

Written by Rob Enderle28 Feb. 14 15:24

Kenneth van Wyk: After Snowden

Restoring trust in our information systems after Edward Snowden's NSA revelations will take years -- if it can be done at all.

Written by Kenneth van Wyk09 Jan. 14 13:58

2014: Time to rethink privacy

Companies have to fully confront the privacy issues they face and rethink their policies from the bottom up.

Written by Evan Schuman31 Dec. 13 11:54

Legacy system refresh

I’ve been reading a lot recently about organisations undertaking major IT modernisation projects; ie, replacing legacy systems. Modernising a legacy environment is technologically challenging, but also culturally difficult. The changing nature of IT has and will continue to have a dramatic psychological impact on the enterprise’s greatest historical asset — its people.
Most organisations have a wide variety of applications in their portfolios. A substantial number of legacy applications were built or acquired over many years or decades. The mix is likely to include applications licensed from software vendors, along with solutions that were custom-developed by internal staff or third parties. Somewhat reflecting the various types of applications, application professionals often cluster into five dominant personas.

Written by Mary Ann Maxwell11 Aug. 08 22:00

Turning old into gold

How much do you think a business system is worth? The usual answer to this question would be the purchase price minus any depreciation. Yet in my experience that is rarely a true reflection of the value of these applications to the business. These systems are embedded in the organisation. Processes flow from them. They are instinctively utilised by employees. They are frequently adapted to specific business requirements. If they stopped working tomorrow it would create havoc in many companies. The reality is they are worth considerably more than many executives appreciate.
Yet even the name given to established business systems highlights a certain lack of appreciation towards them. The term ‘legacy applications’ implies something old fashioned, inherited or long-in-the-tooth. Unfortunately in IT there can always be a temptation to confuse the new with the better. There is a lot to be said for a robust, dependable legacy application. You know it works and you know changing from it will bring significant disruption to the business. Replacing an application can require extensive staff training and modifications to work practices while, at the back of the mind, is the uncertainty as to whether you will be any better off in the long run.

Written by Peter Hind20 Aug. 07 22:00